REMARKS 



Claims 1-63 are pending in the application. Reconsideration is respectfully 
requested in light of the following remarks. 

Allowed Claims : 

Claims 61-63 have been allowed by the Examiner. Applicants thank the 
Examiner for consideration of these claims. 

Double Patenting Rejections : 

The Examiner rejected claims 1-6, 8-11, 16, 17, 20-25, 27-30, 35, 36, 39-44, 46- 
49, 54, 55 and 58-60 under the judicially created doctrine of obviousness-type double 
patenting as being unpatentable over claims 1-39 of co-pending Application No. 
09/552,984, over claims 1-44 of U.S. Patent 6,839,748, over claims 1-30 of U.S. patent 
6,813,770, over claims 1-34 of U.S. Patent 6,915,324 and over claims 1-34 of U.S. Patent 
6,950,935. Applicants traverse these rejections on the grounds that the Examiner has not 
stated a proper prima facie rejection. 

As argued previously, the Examiner has failed to present a prima facie 
obviousness-type double patenting rejection. According to MPEP 804.II.B.1, "the 
analysis employed in an obviousness-type double patenting determination parallels the 
guidelines for a 35 U.S.C. 103(a) rejection." This section of the MPEP also states that 
the same "factual inquires ... that are applied for establishing a background for 
determining obviousness under 35 U.S.C. 103(a) are employed when making an 
obviousness-type double patenting analysis." MPEP 804.II.B.1 also states that the 
Examiner should list the differences between each rejected claim and the claims of 
the other patent/application, and for each difference the Examiner should give the 
reasons why a person of ordinary skill in the art would conclude that the invention 
defined in the claim is an obvious variation of the invention defined in a claim of the 
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other patent/application. 

The Examiner does not specifically address each difference of each claim of the 
present application compared to the claims of the other applications. Instead, the 
Examiner improperly lumps all the claims together without addressing each specific 
difference. 

On p. 2, para. 3, of the current Office Action, the Examiner also states that 
Applicants should consider their own previous remarks. However, the remarks noted by 
the Examiner were in regard Applicants' own specification (not prior art) and pertained 
to a previous § 112, First Paragraph, rejection. These remarks are not in any way 
inconsistent with Applicants' arguments in regard to the double patenting rejections. 
Applicants' remarks referenced by the Examiner have absolutely no relevance to the 
double patenting rejections. 

Also in the Response to Arguments (Office Action mailed November 28, 2007, p. 
2), the Examiner contends that "the concerned limitations for the dependent claims were 
not identified in the remarks..." Firstly, according to MPEP 804.II.B.1, the burden is 
clearly on the Examiner to list the differences between each rejected claim and the 
claims of the other patent/application and explain how each difference would be obvious, 
as demonstrated above (and previously). The Examiner has never substantively 
responded to Applicants arguments regarding the Examiner's failure to address each 
difference of each claim of the present application compared to the claims of the other 
applications. Secondly, in the response dated September 17, 2007, Applicants did point 
out various differences between Applicants' claims, both independent and dependent 
claims, and the cited art (See, e.g., Response dated September 17, 2007, pp 17-21), which 
the Examiner has failed to address. 

For instance, as argued in Applicants' previous response, the Examiner has failed 
to address the differences between claims 1-60 and the claims of the 6,950,935 patent. 
Claims 1-60 recite limitations not recited in the claims of the 6,950,935 patent. For 
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example, none of the claims of the 6,950,935 patent recite anything regarding a gateway 
configured to deliver events generated by managed objects, as recited in claim 1 of the 
current application. 

Similarly, (as also argued previously) the claims of the current application recite 
additional subject matter not recited by any of the claims of the 6,950,935 patent. For 
example, none of the claims of the 6,950,935 patent recite anything regarding: a gateway 
configured to authentication managers as a function of the identity of the managed object 
(claim 3), authenticating a manager as a function of the identify of the managed object 
(claim 3), delivering requests or events through a platform-independent interface 
according to Internet Inter-Object Protocol (HOP) (claim 5), a telephone network (claim 
8), telecommunication device (claim 9), providing security audit trails (claim 10), 
providing access to a logging service (claims 11-15). 

Applicants have also pointed out that the Examiner has also fails to address 
specific differences between claims 1-60 and the claims of the 6,915,324, 6,839,748 and 
6,813,770 patents. For instance, none of the claims of the 6,915,324, 6,839,748 and 
6,813,770 patents recite anything regarding a gateway configured to deliver events 
generated by managed objects, as recited in claim 1 of the current application. 
Additionally, none of the claims of the 6,915,324, 6,839,748 and 6,813,770 patents recite 
anything regarding: a gateway configured to determine whether each manager is 
authorized to communicate with each of the managed objects (claim 2), a gateway 
configured to authentication managers as a function of the identity of the managed object 
(claim 3), authenticating a manager as a function of the identify of the managed object 
(claim 3), authenticating managers as a function of user IDs (claim 4), delivering requests 
or events through a platform-independent interface according to Internet Inter-Object 
Protocol (HOP) (claim 5), providing security audit trails (claim 10), providing access to a 
logging service (claims 11-15). 

Moreover, the Examiner specifically admits that the claims of the 6,839,748, 
6,813,770, 6,915,324, and 6,950,935 patents do not recite anything regarding providing 
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object-level access control at the individual object level so that one of the managers is 
granted access to one of the managed objects while being prevented from interfacing with 
a different one of the managed objects as recited by claims 1, 20, 39, and 58-62. The 
Examiner relies on CORBA/TMN and Barry. However, CORBA/TMN and Barry, 
whether considered singly or in combination with each other and any of the 6,839,748, 
6,813,770, 6,915,324, and 6,950,935 patents do not teach or suggest providing object- 
level access control at the individual object level so that one of the managers is granted 
access to one of the managed objects while being prevented from interfacing with a 
different one of the managed objects. 

Thus, contrary to the Examiner's assertion, Applicants have clearly and 
repeatedly pointed out many example differences between Applicants' claims and the 
claims of the cited art relied on by the Examiner. However, The Examiner has never 
substantively responded to this argument or addressed the differences between 
Applicants claims and the claims of the 6,839,748, 6,813,770, 6,915,324, and 
6,950,935. Applicants respectfully point out that it is the Examiner's burden, not 
Applicants', to list and address each different of each claim of the present application 
compared to the claims of the cited applications and maintain that the Examiner has 
failed to address each difference between each rejected claim and the claims of the 
6,839,748, 6,813,770, 6,915,324, and 6,950,935 patents. 

Since the Examiner has clearly not addressed the above-noted differences (and 
others), a prima facie rejection has not been stated. 

Instead, the Examiner has rejected claims 1-60 based on a broad generalization of 
the claimed subject matter. For example, in the rejection of claims 1-60 over claims 1-44 
of U.S. Patent 6839748, the Examiner states that U.S. Patent 6839748 "does not 
specifically mention about usage of Individual object level." The Examiner then relies on 
CORBA/TMN to disclose "using Individual object level" and "using SAP". The 
Examiner also relies on Barry to disclose "using Individual object level." 
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The Examiner's rejection is based on combining different, general, concepts, such 
as "using individual object level" and "using SAP" rather than relying upon specific 
teachings of the cited art. For example, the Examiner asserts that CORBA/TMN 
teaches, "using Individual object level". However, the claims do not recite "using 
Individual object level." When considering what is actually recited in the claims, 
CORBA/TMN does not teach providing object-level access control at the individual 
object level. Instead, CORBA/TMN uses a completely different type of access control 
from object-level access control. CORBA/TMN teaches domain-based access control. 
For example, CORBA/TMN states that objects (both managed and manager) are grouped 
into domains and that domains "are considered the unit of accessibility" and that each 
domain, "may have any number of objects within it" (CORBA/TMN, page 2-8, 
paragraph 7). Objects must gain access to a target object's domain and can then access 
any object within that domain. Thus, CORBA/TMN teaches domain-level access control, 
not object-level access control. The fact that CORBA/TMN may refer to objects 
individually in other circumstances does not imply object- level access control at the 
individual object level. 

Similarly, the Examiner relies on Barry to teach or suggest "using Individual 
object level", citing column 15, lines 31-62 of Barry. Again, the claims do not recite 
"using Individual object level." Barry, whether considered individually or in 
combination with CORBA/TMN, does not teach or suggest anything regarding providing 
object-level access control at an individual object level, as recited in Applicants' claim. 
Instead, Barry describes an order entry application used "to order, fulfill, and bill for, as 
well as administer, the suite of data management applications." Barry describes that all 
access to the suite of applications is controlled by user identifiers and passwords and that 
"individual users are specifically granted access to only the necessary system objects, i.e., 
file, programs, menus, reports, etc." However, Barry fails to teach or suggest any object- 
level access control provided at an individual object level. Instead, Barry teaches that the 
Order Entry application "provides the ability to prevent unauthorized, non-customer 
access to data and applications in the system." Thus, Barry's access control is provided 
on a user or client basis, not at an individual object level. 
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Thus, the Examiner's reliance on a combination of CORBA/TMN and/or Barry to 
suggest the obviousness of including "the concept of using Individual object level and . . . 
SAP" with the claimed subject matter of the 6,839,748, 6,813,770, 6,915,324, and 
6,950,935 patents "in order to utilize the benefit provided by them" is clearly misplaced. 
Simply stating that "it would have been obvious ... in order to utilize the benefit provided 
by [CORBA/TMN and Barry teachings]" is not a valid reason why a person of ordinary 
skill in the art would conclude that the invention defined in each claim is an obvious 
variation of the invention defined in a claim of the other patent/application. Furthermore, 
as noted above, CORBA/TMN and Barry, whether considered alone or in combination, 
fail to teach or suggest the subject matter on which the Examiner relies. Applicants note 
that the Examiner has had ample opportunity to address Applicants' arguments 
regarding the differences between Applicants' claims and the subject matter of the 
6,839,748, 6,813,770, 6,915,324, and 6,950,935 patents, but has failed to do so. 

The Examiner clearly has clearly not met the requirements stated in MPEP 
804.II.B.1 to establish a prima facie obviousness-type double patenting rejection. 
Accordingly, Applicants respectfully request removal of the double patenting rejection of 
claims 1-60. 

The Examiner also provisionally rejected claims 1-60 under the judicially created 
doctrine of obviousness-type double patenting as being unpatentable over claims 1- 39 of 
copending application 09/552,984, and over claims 1-45 of co-pending application 
09/557,068. If and/or when these rejections becomes non-provisional, Applicants will 
consider filing a terminal disclaimer or present reasons traversing the rejection. 
However, Applicants note that these rejections appear flawed for similar reasons as 
discussed above. 

Section 112, Second Paragraph, Rejections : 



The Examiner rejected claims 1-60 under 35 U.S.C. § 112, second paragraph, as 
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being incomplete "for omitting essential steps/elements/structural cooperative 
relationships of elements, such omission amounting to a gap between the 
steps/elements/necessary structural connections". Applicants respectfully traverse this 
rejection for at least the following reasons. 

The Examiner rejects claims 1-60 as incomplete because "one skilled in the art 
very well knows that element 408 of the figure 4 cannot be accomplished without usage 
of EDS source and EDS sink" (Office Action dated November 28, 2007, pp. 7-8). 
Specifically, the Examiner simply states the conclusion, without any supporting evidence, 
that "one skilled in the art very well knows that element 408 of the figure 4 cannot be 
accomplished without usage of EDS source and EDS sink." 

However, the use of an EDS source and EDS sink is merely described as one 
embodiment in Applicants' specification, not as the only possible implementation. The 
Examiner further contends, "as per the specification these identified elements (e.g., EDS 
Source and EDS Sink) are necessary to accomplish the claimed invention" (Final Office 
Action, November 28, 2007, p. 8). The Examiner is incorrect. Nowhere does 
Applicants' specification state that the use of an EDS source and EDS sink is necessary 
or essential. 

Furthermore, the Examiner is merely relying on the Examiner's own opinion that 
"element 408 of the figure 4 cannot be accomplished without the usage of EDS source 
and EDS Sink" (Office Action, dated November 28, 2007, p 8). The Examiner is 
incorrect. The Examiner does present any evidence that supports the Examiner's 
erroneous contention. 

Moreover, Applicants' strongly disagree with the Examiner's contention that 
"[fjurther usage of authentication module and the usage of module that prevent from 
interfacing is necessary as per the applicant", citing Applicant's previous response (dated 
July 2, 2006), page 28. Applicants did not, and have not, stated that usage of an 
authentication module and/or providing object level access control requires the particular 
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embodiment of EDS source and EDS sink illustrated in FIG. 4. Applicants' previous 
remarks were directed to showing that the amendment to FIG. 4 is properly supported by 
Applicants' specification. Nowhere does Applicants' specification state that usage of an 
authentication module and usage of a module that prevents from interfacing are necessary 
or essential, in contrast to the Examiner's assertions. 

The Examiner also rejected claims 58-63 as incomplete, arguing that these claims 
do not recite a "[structural connection and relationship between the gateway and the 
request service access point" and "the required 'user information included with each 
request' and determining using the user information that is necessary for the request 
service access point (RequestSAP) to provide object-level access control" (Office Action, 
pages 9-10). The Examiner further asserts, "[t]he claimed requests AP is no different that 
the regular application SAP without user information etc." 

However, the Examiner is relying on only one particular embodiment described in 
Applicants' specification and improperly requiring inclusion of that particular 
embodiment in Applicants' claims. Just because Applicants' specification describes 
certain details regarding a particular embodiment does not imply that those details are 
necessarily required in every embodiment. Applicants note that the Examiner has failed 
to respond to this argument in any way. 

Furthermore, the Examiner's opinion that the "requests AP is no different that the 
regular application SAP without user information" overlooks the fact that Applicants' 
claims recite a gateway that provides object-level access control at an individual object 
level so that one of the one or more managers is granted access to one of the managed 
objects while being prevented from interfacing with a different one of the managed 
objects and that uses "a request Service Access Point (SAP) for requests and responses" 
(e.g., claim 58). 

The Examiner is simply incorrect that claims 58-63 require the user information 
for each request and determining the user information. Applicants are not arguing that 
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embodiments of the present invention never include such user information or determine 
the user information as described by the Examiner. However, Applicants are arguing that 
Applicants' claims are complete and do not omit any essential steps, elements or 
structural cooperative relationships of elements. The Examiner is merely attempting to 
require recitation of a specific and particular embodiment described in Applicants' 
specification. Such a requirement is improper. In fact, the Examiner, in the Response to 
Arguments, specifically points out, "Although the claims are interpreted in light of the 
specification, limitations from the specification are not read into the claims" (Office 
Action, November 28, 2007, p. 4, citing In re Van Geuns, emphasis added). However, 
the Examiner is improperly attempting to require recitation of a specific and particular 
embodiment described in Applicants' specification. 

Thus, for at least the reasons presented above, Applicants respectfully request 
removal of the §1 12, second paragraph, rejections of claims 1-60. 

Section 103(a) Rejections : 

On p. 3, para. 7, of the current Office Action, the Examiner states that Applicants' 
arguments in regard to the prior at rejections are either misleading or irrelevant since the 
rejections do not rely on the art as argued. The Examiner is incorrect. Applicants' 
arguments clearly show that none of the cited references, whether considered alone or in 
combination, teach or suggest a gateway configured to provide object- level access 
control between the one or more managers and the managed objects to receive the one or 
more events from or to send the one or more requests to the managed objects, where the 
object-level access control is provided at an individual object level so that one or of the 
one or more managers is granted access to one of the managed objects while being 
prevented from interfacing with a different one of the managed objects. Moreover, 
Applicants' arguments in regard to Barry show that the Examiner's reliance on Barry to 
teach "usage at individual object level" does not teach Applicants' claimed invention 
even if considered in combination with the other references. Also, Applicants' arguments 
in regard to Barker show how Barker specifically teaches a system that does not employ 
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object-level access control and it would be counter to the principle of operation of 
Barker's system to modify it to employ object-level access control. Such considerations 
are always relevant in an obviousness determination. Prior art references must be 
considered for what the teach as a whole . W.L. Gore & Associates, Inc. v. Garlock, Inc., 
Ill F.2d 1540, 220 USPQ 303 (Fed. Cir. 1983), cert, denied, 469 U.S. 851 (1984). 

On p. 3, para. 7, of the current Office Action, the Examiner also states that 
Applicants should consider their own previous remarks. However, the remarks noted by 
the Examiner were in regard Applicants' own specification (not prior art) and pertained 
to a previous § 112, First Paragraph, rejection. These remarks are not in any way 
inconsistent with Applicants' arguments below in regard to the prior art. Applicants' 
previous remarks referenced by the Examiner have absolutely no relevance to the § 103 
rejections. 

On pp. 4-5 of the current Office Action, the Examiner makes reference to various 
case law citations. However, the Examiner does not provide and explanation of how any 
of the cited cases or principles actually relate to any particular argument or aspect of the 
rejections. All of Applicants' arguments are consistent with the cases and principles 
referenced by the Examiner. As shown below, the cited art simply does not teach or 
suggest Applicants' claimed invention. 

The Examiner rejected claims 1, 5-7, 9, 16, 17, 20, 24-26, 28, 35, 36, 39, 43-45, 
47, 54, 55 and 58-60 under 35 U.S.C. § 103(a) as being unpatentable over Barker-Lucent, 
et al. (U.S. Patent 6,363,421) (hereinafter "Barker-Lucent") in view of Barry et al. (U.S. 
Patent 6,615,258) (hereinafter "Barry") and JIDM Interaction Translation, Initial 
Submission to OMG's CORBA/TMN Internetworking RFP (hereinafter CORBA/TMN), 
claims 8, 27 and 46 as being unpatentable over Barker-Lucent, Barry and CORBA/TMN 
in view of Official Notice, claims 2-4, 10, 21-23, 29, 40-42 and 48 as being unpatentable 
over Barker-Lucent, Barry and Corba/TMN in view of Olden (U.S. Patent 6,460,141), 
claims 11-15, 30-34 and 49-53 as being unpatentable over Barker-Lucent, Barry, 
CORBA/TMN and Olden in view of Official Notice, claims 18, 37 and 56 as being 
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unpatentable over Barker-Lucent, Barry and CORBA/TMN n view of Hearne et al. (U.S. 
Publication 2001/0052113) (hereinafter "Hearne") in view of Solstice Enterprise 
Manager 4.1 Managing Your Network.... (hereinafter "SUN"), claims 19, 38 and 57 as 
being unpatentable over Barker-Lucent, Barry and CORBA/TMN in view of Hearn, 
claims 1, 5-7, 9, 16, 17, 20, 24-26, 28, 35, 36, 43-45, 47, 54, 55 and 58-60 as being 
unpatentable over Barker-Lucent in view of Barry and Buckle, et al, claims 8, 27 and 46 
as being unpatentable over Barker-Lucent, Barry and Buckle in view Official Notice, 
claims 2-4, 10, 21-23, 29, 40-42 and 48 as being unpatentable over Barker-Lucent, Barry 
and Buckle in view of Olden, claims 11-15, 30-34 and 49-53 as being unpatentable over 
Barker-Lucent, Barry, Buckle and Olden in view of Official Notice, claims 18, 37 and 56 
as being unpatentable over Barker-Lucent, Barry and Buckle in view of Hearn and SUN, 
and claims 19, 38 and 57 as being unpatentable over Barker-Lucent, Barry and Buckle in 
view of Hearne. Applicants respectfully traverse these rejections for at least the 
following reasons. 

Regarding claim 1, contrary to the Examiner's assertion, the combination of 
Barker, Barry and CORBA/TMN fails to teach or suggest a gateway configured to 
provide object-level access control between the one or more managers and the managed 
objects to receive the one or more events from or to send the one or more requests to the 
managed objects, where the object-level access control is provided at an individual object 
level so that one or of the one or more managers is granted access to one of the managed 
objects while being prevented from interfacing with a different one of the managed 
objects. 

Barker discloses a system including "access control based on client name and 
password" (Barker, column 8, lines 45-46). Barker describes this as "a method of client 
based access control of network elements" (emphasis added, Barker, column 30, lines 45- 
46). Further, Barker summarizes his access control features as "the client based access 
control . . . provides a means to restrict access on a command/client basis", and does not 
describe his access control features as restricting access at the object level (emphasis 
added, Barker, column 31, lines 10-12). 
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The Examiner asserts that Barker teaches a gateway configured to provide 
"object-level control", referring to the use of a naming service and citing column 8, line 
53 - column 9, line 19, and column 7, lines 47-63. The Examiner is incorrect. These 
passages of Barker only refer to Barker's use of EMAPI, CORBA, Java, C++ and SNMP, 
but fail to mention anything regarding any sort of "object level control". Although Java 
and C++ are object-oriented programming languages, that does not imply any sort of 
object-level control for delivering events to or receiving requests from managed objects 
as recited in claim 1, contrary to the Examiner's assertion. Additionally, "object-level 
control" (as stated by the Examiner) is not the same as "object-level access control" (as 
recited in claim 1). Controlling an object and control access to that object are two very 
different things. Thus, the Examiner's comments in regard to the teachings of Barker are 
not relevant to the actual limitations recited in claim 1 . 

Barry teaches a web-based, integrated customer interface system for data 
management. Barry's customer interface system includes a graphical user interface for 
enabling a user to interact with services provided by remote servers located in the Internet 
and utilizes a web paradigm to allow easy and convenient access to all of the services 
from the user's perspective. The Examiner relies on Barry to teach or suggest "usage at 
individual object level", citing column 15, lines 31-62 of Barry. 

However, Applicants' claim does not recite "usage at individual object level" as 
relied on by the Examiner. Instead, Applicants' claim recites that "object-level access 
control is provided at an individual object level so that one or more managers is granted 
access to one of the managed objects while being prevented from interfaces with a 
different one of the managed objects." The cited portion of Barry does not mention 
anything regarding providing object- level access control at an individual object level, as 
recited in Applicants' claim. Instead, at the cited passage, Barry describes an order entry 
application used "to order, fulfill, and bill for, as well as administer, the suite of data 
management applications." Barry describes that all access to the suite of applications is 
controlled by user identifiers and passwords and that "individual users are specifically 
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granted access to only the necessary system objects, i.e., file, programs, menus, reports, 
etc." However, Barry fails to teach or suggest any object-level access control provided at 
an individual object level. Instead, Barry teaches that the Order Entry application 
"provides the ability to prevent unauthorized, non-customer access to data and 
applications in the system." Thus, Barry's access control is provided on a user or client 
basis, not at an individual object level. 

Additionally, it is unclear how "usage at an individual object level" relates to 
object-level access control. The fact that Barry teaches a graphical user interface for 
enabling a user to interact with services provided by remote servers has absolutely 
no relevance to object-level access control. Additionally, even if it were proper to 
combine the references, the combination of Barker and Barry would at most result in 
Barker's system, including client-based access control that utilizes the graphical user 
interface taught in Barry. Such a combination does not teach or suggest anything about 
object-level access control for delivering events to or receiving requests from managed 
objects as recited in claim 1. 

The Examiner relies on CORBA/TMN to teach "access control", citing page 4-62. 
However, CORBA/TMN uses a completely different type of access control from object- 
level access control. CORBA/TMN teaches domain-based access control. For example, 
CORBA/TMN states that objects (both managed and manager) are grouped into domains 
and that domains "are considered the unit of accessibility" and that each domain, "may 
have any number of objects within it" (CORBA/TMN, page 2-8, paragraph 7). Objects 
must gain access to a target object's domain and can then access any object within that 
domain. Thus, CORBA/TMN teaches domain-level access control, not object-level 
access control. 

The Examiner argues that the "object-level control" of Barker combined with the 
"concept of usage at individual object level" of Barry and further combined with the 
domain-based "access control" of CORBA/TMN somehow teaches or suggest the 
specific limitation of providing object-level access control between managers and 

09/556,068 (5181-48400/P4500) 14 Meyertons, Hood, Kivlin, Kowert & Goetzel, P.C. 



managed objects to receive the one or more events from or to send the one or more 
requests to the managed objects, where the object-level access control is provided at an 
individual object level, as recited in Applicants' claim 1. The Examiner's position is 
completely unsupported by the actual teachings of the cited art. None of the 
references, either alone or in combination teach or suggest object-level access control 
between managers and managed objects to receive the one or more events from or to send 
the one or more requests to the managed objects, where the object-level access control is 
provided at an individual object level, as recited in Applicants' claim 1. Instead, as 
shown above, Barker, Barry and CORBA/TMN all teach access control that is 
specifically not provided at an individual object level. The access control of Barker is at 
the client level, Barry's is at the user level, and the access control of CORBA/TMN is at 
the domain level. Furthermore, Barry is completely silent in regard to any type of access 
control for receiving events from or sending requests to managed objects, as managed 
objects are understood in the art. 

The Examiner's combination of Barker, Barry and CORBA/TMN does not in any 
way teach or suggest a gateway that is configured to provide object-level access control 
between the one or more managers and the managed objects to receive the one or more 
events from or to send the one or more requests to the managed objects, where the object- 
level access control is provided at an individual object level so that one or of the one or 
more managers is granted access to one of the managed objects while being prevented 
from interfacing with a different one of the managed objects, as recited in claim 1. 
Instead, even if the combination of references was proper, the Examiner's proposed 
combination of Barker, Barry and CORBA/TMN would at most result only in the 
CORBA-based remote management system of Barker, that utilized the graphical user 
interface as taught by Barry and that also includes domain-level access control as taught 
by CORBA/TMN. Thus, the Examiner's proposed combination of Barker, Barry and 
CORBA/TMN clearly does not teach all the limitations of Applicants' claim 1. As the 
Examiner is surely away, to establish a prima facie obviousness of a claimed invention, 
all claim limitations must be taught or suggested by the prior art. In re Royka, 490 F.2d 
981, 180 U.S.P.Q. 580 (C.C.P.A. 1974), MPEP 2143.03. Obviousness cannot be 
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established by combining or modifying the teachings of the prior art to produce the 
claimed invention, absent some teaching or suggestion or incentive to do so. In re Bond, 
910 F. 2d 81, 834, 15 USPQ2d 1566, 1568 (Fed. Cir. 1990). Since, as shown above, the 
Examiner's combination of Barker, Barry and CORBA/TMN fails to teach all the 
limitations of Applicants' claim 1, the Examiner has failed to provide a prima facie 
rejection. 

Moreover, there is no reason found in the evidence of record to combine the 
teachings of the cited art in a way that would result in Applicants' claimed invention. 
The rejection of claim 1 is clearly a case of the Examiner simply attempting to identify 
features of Applicants' claimed invention in disparate references. The Examiner is 
clearly attempting a piecemeal reconstruction of Applicants' invention in hindsight 
without considering the claimed invention as a whole. Such reconstruction is improper. 
See, e.g., Interconnect Planning Corp. v. Feil, 11 A F.2d 1132, 1143, 227 USPQ 543, 551 
(Fed. Cir. 1985) (it is insufficient to select from the prior art the separate components of 
the inventor's combination, using the blueprint supplied by the inventor); Uniroyal, Inc. 
v. Rudkin-Wiley Corp., 837 F.2d 1044, 1051-52, 5 USPQ 2d 1434, 1438 (Fed. Cir. 1988) 
(it is impermissible to reconstruct the claimed invention from selected pieces of prior art 
absent some suggestion, teaching, or motivation in the prior art to do so). The Examiner 
cannot use the claimed invention as an instruction manual or "template" to piece together 
the teachings of the prior art so that the claimed invention is rendered obvious. In re 
Fritch, 23 USPQ 2d 1780, 1784 (Fed. Cir. 1992). "One cannot use hindsight 
reconstruction to pick and choose among isolated disclosures in the prior art to deprecate 
the claimed invention." In re Fine, 837 F.2d 1071, 1075, 5 USPQ 2d 1596, 1600 (Fed. 
Cir. 1988). 

The Examiner merely states that it would have been obvious to combine the 
teachings of Barker and Barry "because the concept of accessing individual object level 
would enhance supporting event / request by the object." This statement by the Examiner 
is found nowhere in any evidence of record and thus can only have come in hindsight 
from Applicants' own teachings. An obviousness claim that lacks factual evidence of a 
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reason for one of skill in the art to combine prior art references to produce the claimed 
invention is defective as hindsight analysis. In addition, "Broad conclusory statements 
regarding the teaching of multiple references, standing alone, are not 'evidence'." In re 
Dembiczak, 175 F.3d 994, 50 USPQ2d 1614 (Fed. Cir. 1999). The art must fairly teach 
or suggest to one to make the specific combination as claimed . That one achieves an 
improved result by making such a combination is no more than hindsight without an 
initial suggestion to make the combination . Such an initial suggestion must be supported 
by evidence of record. The Examiner's stated reason is merely a desired result from the 
combination in an attempt to reconstruct Applicants' claimed invention, not a reason to 
combine Barker and Barry. The Examiner has failed to ever substantively respond to 
this argument. 

The Examiner has also failed to state a proper reason to combine the teachings of 
CORBA/TMN with those of Barker and Barry. The Examiner states that it would have 
been obvious to combine the teachings of Barker and Barry with those of CORBA/TMN 
"because the concept of accessing a single object would enhance supporting 
event/request for the particular object." The Examiner also states that "prevention of 
accessing the other object when accessing the object would enhance supporting 
event/request specific to the object and not in common with the other object". These 
statement by the Examiner are found nowhere in any evidence of record and thus can 
only have come in hindsight from Applicants' own teachings. None of the cited art 
suggests "prevention of accessing the other object when accessing the object would 
enhance supporting event/request specific to the object and not in common with the other 
object". The Examiner has again merely stated a desired result from the combination in 
an attempt to reconstruct Applicants' claimed invention, not a reason to combine the 
teachings of CORBA/TMN with those of Barker and Barry. 

Whether a reason to combine prior art references has been demonstrated is a 
question of fact. Winner Int'l Royalty Corp. v. Wang, 202 F.3d 1340, 1348, 53 USPQ2d 
1580, 1586 (Fed. Cir. 2000). The statute clearly places the burden of proof to satisfy the 
question of fact on the Examiner which requires him to produce the factual basis for his 
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rejection. In re Warner, 154 USPQ 173, 177 (C.C.P.A. 1967), cert, denied, 389 U.S. 
1057 (1968). The Examiner has completely failed to meet his burden of proof since 
the Examiner has not provided any factual evidence showing a proper reason to 
combine Barker, Barry and CORBA/TMN. "The factual inquiry whether to combine 
references must be thorough and searching." McGinley v. Franklin Sports, Inc., 
60USPQ2d 1001, 1008 (Fed. Cir. 2001). It must be based on objective evidence of 
record. "This precedent has been reinforced in myriad decisions, and cannot be 
dispensed with." In re Lee, 61 USPQ2d 1430, 1433 (Fed. Cir. 2002). See, e.g., In re 
Kotzab, 217 F.3d 1365, 1371, 55 USPQ2d 1313, 1317 (Fed. Cir. 2000) ("particular 
findings must be made as to the reason the skilled artisan, with no knowledge of the 
claimed invention, would have selected these components for combination in the manner 
claimed"); In re Rouffet, 149 F.3d 1350, 1359, 47 USPQ2d 1453, 1459 (Fed. Cir. 1998) 
("the [Examiner] must identify specifically the principle, known to one of ordinary skill, 
that suggests the claimed combination. In other words, the [Examiner] must explain the 
reasons one of ordinary skill in the art would have been motivated to select the references 
and to combine them to render the claimed invention obvious."); In re Fritch, 972 F.2d 
1260, 1265, 23 USPQ2d 1780, 1783 (Fed. Cir. 1992) (the examiner can satisfy the 
burden of showing obviousness of the combination "only by showing some objective 
teaching in the prior art or that knowledge generally available to one of ordinary skill in 
the art would lead that individual to combine the relevant teachings of the references"). 

Furthermore, Barker teaches away from object-level access control. Barker 
teaches that a client can specify a range of managed object instance identifiers, or even 
request all instances in a managed object call through the managed object instance 
identifier parameter (Barker, column 25, lines 27-28). Hence, Barker teaches that once a 
client has been properly authenticated at the start of a session, that client may then 
register for attribute update notification for a number of managed objects through a single 
call. Such functionality is clearly not compatible with object-level access control, and 
thus Barker clearly teaches away from object-level access control, wherein the object- 
level access control is provided at the individual object level so that one of the managers 
is granted access to one of the managed objects while being prevented from interfacing 
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with a different one of the managed objects. Thus, Barker actually teaches away from 
the Examiner's proposed combination of Barker, Barry and CORBA/TMN. References 
that teach away cannot serve to create a prima facie case of obviousness. In re Gurley, 27 
F.3d 551, 553, 31 USPQ2d 1131, 1132 (Fed. Cir. 1994). Moreover, since Barker teaches 
away from object-level access control, modifying Barker to use object-level access 
control would necessarily change the principle of operation of Barker's system. As the 
Examiner is surely away, if the proposed modification or combination of the prior art 
would change the principle of operation of the prior art invention being modified, then 
the teachings of the references are not sufficient to render the claims prima facie obvious; 
M.P.E.P. § 2143.01; and//? re Ratti, 270 F.2d 810, 123 USPQ 349 (CCPA 1959). 

Thus, for at least the reasons above, the rejection of claim 1 is not supported by 
the prior art and removal thereof is respectfully requested. Similar remarks as those 
above regarding claim 1 also apply to claims 58. 

Regarding claim 20, the combination of Barker, Barry and CORBA/TMN does 
not teach or suggest determining on a managed object level whether or not the manager 
application is allowed to receive an event generated by one of a plurality of managed 
objects or to send a request to the one of the plurality of managed objects as a function of 
the identity of the user of the manager application. The Examiner cites column 7, lines 
47-63 and column 8, line 53 - column 9, line 19 of Barker. However, the cited passages 
do not mention anything about determining on a managed object level whether or not a 
manager application is allowed to receive an event generated by a managed object or 
send a request to a managed object as a function of the identity of the user of the manager 
application. Instead, these passages of Barker only refer to his use of EMAPI, CORBA, 
Java, C++, and SNMP, but fail to mention anything regarding any sort of access control 
for any portion of Barker's system. The Examiner has not cited any particular portion in 
Barker that describes the features the Examiner is attributing to Barker's system. In fact, 
the Examiner is incorrectly assuming that Barker's use of CORBA and the HOP protocol 
includes object level access control such that one of the managers is granted access to one 
of the managed objects while being prevented from interfacing with a different one of the 
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managed objects. 



Barker further teaches the use of a single service object "to provide services for a 
class of managed objects" (underlining added) (Barker, column 14, lines 42-43) and that 
the EM server "will implement one application-specific service object for each type of 
physical or logical resource to be managed" (underlining added) (Barker, column 39, 
lines 60-62). Applicants assert that access control on a command/client basis while using 
a single service object for each class of managed object actually teaches away from 
determining on a managed object level whether or not the manager application is allowed 
to send a request to the managed object. As note above 

Furthermore, Barker fails to disclose that access for the manager application to 
receive the event or send the request is approved or denied for said one of the plurality of 
managed objects at the individual object level so that the manager application is granted 
access to one of the plurality of managed objects while being prevented from interfacing 
with a different one of the plurality of managed objects. Instead, Barker discloses a 
method "of client based access control of network elements" (emphasis added, Barker, 
column 30, lines 45-46) that "provides a means to restrict access on a command/client 
basis'" (emphasis added, Barker, column 31, lines 10-12). Barker does not describe his 
access control features as restricting access at the object level. Please refer to Applicants 
arguments above regarding claim 1 for a more detailed discussion regarding Barker's 
failure to teach object level access control. 

Barry and CORBA/TMN are not relied upon by the Examiner to teach this 
limitation, nor do they overcome the above -noted deficiencies of Barker regarding 
determining on a managed object level whether or not the manager application is allowed 
to receive an event generated by one of a plurality of managed objects or to send a 
request to the one of the plurality of managed objects as a function of the identity of the 
user of the manager application. Or about where access for the manager application to 
receive the event or send the request is approved or denied for said one of the plurality of 
managed objects at the individual object level so that the manager application is granted 
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access to one of the plurality of managed objects while being prevented from interfacing 
with a different one of the plurality of managed objects. Thus, the Examiner's 
combination of Barker, Barry and CORBA/TMN does not teach or suggest the 
limitations of Applicants' claim 20. 

For at least the reasons given above, the rejection of claim 20 is not supported by 
the prior art and its removal is respectfully requested. Similar remarks as discussed 
above in regard to claim 20 apply to claims 39, 59, and 60. 

The Examiner rejected claims 8, 27 and 46 under 35 U.S.C. § 103(a) as being 
unpatentable over Barker, Barry and CORBA/TMN in view of Official Notice. 
Applicants respectfully traverse this rejection of at least the reasons below. 

In regard to claims 8, 27 and 46, the Examiner takes official notice that "both the 
concept and advantages of providing [an] object corresponding to a telephone network is 
well known and expected in the art." Pursuant to M.P.E.P. § 2144.03, Applicant 
traverses the Examiner's taking of Official Notice in regard to the specific combination 
of features recited in claims 8, 27 and 46. Applicant asserts that it was not well known in 
the prior art for a gateway coupled to a plurality of managed objects and which is 
configured to deliver events generated by the managed objects to one or more managers 
or to deliver one or more requests generated by the one or more managers to one or more 
of the managed objects and wherein the gateway is configured to provide object-level 
access control between the one or more managers and the managed objects, wherein the 
managed objects comprise one or more objects corresponding to a telephone network. 
Pursuant to M.P.E.P. § 2144.03 Applicants repeat the assertion that "the examiner must 
provide documentary evidence in the next Office action if the rejection is to be 
maintained. See also 37 CFR 1.104(c)(2), (d)(2) and In re Zurko, 258 F.3d 1379, 1386 
(Fed. Cir. 2001). 

In the Response to Arguments (Office Action, June 18, 2007, pp. 6-7 and Final 
Action, November 28, 2007, p. 6), the Examiner cites Reisman, Reed, Arango and Kung, 
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arguing that these references support the Examiner's reliance on Official Notice. 
However, as argued previously Reisman, Reed, Arango and Kung all fail to support 
the Examiner's reliance on Official Notice. For instance, Reisman teaches a "method 
for distributing information to a plurality of user station configured for communication 
with a plurality of servers over various communication media (Reisman, column 5, lines 
18-29 and column 7, lines 25-44). The Examiner appears to be confusing communication 
over a telephone network with managed objects that comprise objects corresponding to a 
telephone network. Objects communicating over telephone network are very different 
from managed objects corresponding to a telephone network. The Examiner's reliance 
on Reed, Arango and Kung is similarly misplaced. Applicants note that the examiner 
has failed to substantively respond to this argument and fails to demonstrate how the 
cited art regarding communication over a telephone network support the Examiner's 
Official Notice regarding managed objects that comprise object corresponding to a 
telephone network. Instead, the Examiner merely repeats the same contention regarding 
Reisman, Reed, Arango and Kung (See, Office Action, June 18, 2007, pp. 6-7 and Final 
Action, November 28, 2007, p. 6). 

Thus, the rejection of claims 8, 27 and 46 is improper and removal thereof is 
respectfully requested. 

The Examiner rejected claims 11-15, 30-34 and 49-53 under 35 U.S.C. § 103(a) 
as being unpatentable over Barker, Barry, CORBA/TMN and Olden in view of Official 
Notice. Applicants respectfully traverse this rejection for at least the reasons presented 
regarding their respective independent claims. 

In further regard to claims 11-15, 30-34 and 49-53, the Examiner takes official 
notice that "both the concept and advantages of providing access to a logging service, to 
log an ID of a user, to log an ID of the object is well known and expected in the art." 
Pursuant to M.P.E.P. § 2144.03, Applicants have traversed the Examiner's taking of 
official notice in regard to the specific combination of features recited in these claims. 
Applicants assert that it was not well known in the prior art for a gateway that provides 
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object-level access control to provide access to a logging service, to log an ID of user or 
to log an ID of a managed object. In fact, as admitted by the Examiner, Barker, Barry 
and CORBA/TMN all fail to teach providing access to a logging service, to log an ID of 
user or to log an ID of a managed object. Pursuant to M.P.E.P. § 2144.03 Applicants 
repeat the previous assertion that "the examiner must provide documentary evidence in 
the next Office action if the rejection is to be maintained. See also 37 CFR 1.104(c)(2), 
(d)(2) and In re Zurko, 258 F.3d 1379, 1386 (Fed. Cir. 2001). 

In the Response to Argument, the Examiner cites Reisman, Reed, Arango and 
Kung, arguing that these references support the Examiner's reliance on Official Notice. 
However, Reisman, Reed, Arango and Kung all fail to support the Examiner's reliance on 
Official Notice. For instance, Reisman teaches a "method for distributing information to 
a plurality of user station configured for communication with a plurality of servers over 
various communication media (Reisman, column 5, lines 18-29 and column 7, lines 25- 
44). However Reisman fails to mention anything regarding a gateway that provides 
object-level access control to provide access to a logging service, to log an ID of user or 
to log an ID of a managed object. The Examiner's reliance on Reed, Arango and Kung is 
similarly misplaced. Thus, the rejection of claims 11-15, 30-34 and 49-53 is improper 
and removal thereof is respectfully requested. 

The Examiner rejected claims 1, 5-7, 9, 16, 17, 20, 24-26, 28, 35, 36, 39, 43-45, 
47, 54-55 and 58-60 under 35 U.S.C. § 103(a) as being unpatentable over Barker in view 
of Barry and Buckle, et al. (hereinafter "Buckle"). Applicants respectfully traverse this 
rejection for at least the following reasons. 

Regarding claim 1, contrary to the Examiner's assertion, the combination of 
Barker, Barry and Buckle fails to teach or suggest a gateway configured to provide 
object-level access control between the one or more managers and the managed objects to 
receive the one or more events from or to send the one or more requests to the managed 
objects, where the object-level access control is provided at an individual object level so 
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that one or of the one or more managers is granted access to one of the managed objects 
while being prevented from interfacing with a different one of the managed objects. 

Barker discloses a system including "access control based on client name and 
password" (Barker, column 8, lines 45-46). Barker describes this as "a method of client 
based access control of network elements" (emphasis added, Barker, column 30, lines 45- 
46). Further, Barker summarizes his access control features as "the client based access 
control . . . provides a means to restrict access on a command/client basis'", and does not 
describe his access control features as restricting access at the object level (emphasis 
added, Barker, column 31, lines 10-12). 

The Examiner asserts that Barker teaches a gateway configured to provide 
"object-level control", referring to the use of a naming service and citing column 8, line 
53 - column 9, line 19, and column 7, lines 47-63. The Examiner is incorrect. These 
passages of Barker only refer to Barker's use of EMAPI, CORBA, Java, C++ and SNMP, 
but fail to mention anything regarding any sort of "object level control". Although Java 
and C++ are object-oriented programming languages, that does not imply any sort of 
object-level control for delivering events to or receiving requests from managed objects 
as recited in claim 1, contrary to the Examiner's assertion. Additionally, "object-level 
control" (as stated by the Examiner) is not the same as "object-level access control" (as 
recited in claim 1). Controlling an object and control access to that object are two very 
different things. Thus, the Examiner's comments in regard to the teachings of Barker are 
not relevant to the actual limitations recited in claim 1 . 

Barry teaches a web-based, integrated customer interface system for data 
management. Barry's customer interface system includes a graphical user interface for 
enabling a user to interact with services provided by remote servers located in the Internet 
and utilizes a web paradigm to allow easy and convenient access to all of the services 
from the user's perspective. The Examiner relies on Barry to teach or suggest "usage at 
individual object level", citing column 15, lines 31 - 62 of Barry. However, Applicants' 
claim does not recite "usage at individual object level". Instead, Applicants' claim 
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recites that "object-level access control is provided at an individual object level so that 
one or more managers is granted access to one of the managed objects while being 
prevented from interfaces with a different one of the managed objects." The cited portion 
of Barry does not mention anything regarding providing object-level access control at an 
individual object level, as recited in Applicants' claim. Instead, at the cited passage, 
Barry describes an order entry application used "to order, fulfill, and bill for, as well as 
administer, the suite of data management applications." Barry describes that all access to 
the suite of applications is controlled by user identifiers and passwords and that 
"individual users are specifically granted access to only the necessary system objects, i.e., 
file, programs, menus, reports, etc." However, Barry fails to teach or suggest any object- 
level access control provided at an individual object level. Instead, Barry teaches that the 
Order Entry application "provides the ability to prevent unauthorized, non-customer 
access to data and applications in the system." Thus, Barry's access control is provided 
on a user or client basis, not at an individual object level. 

Additionally, it is unclear how "usage at an individual object level" relates to 
object-level access control. The fact that Barry teaches a graphical user interface for 
enabling a user to interact with services provided by remote servers has absolutely 
no relevance to object-level access control. Additionally, even if it were proper to 
combine the references, the combination of Barker and Barry would at most result in 
Barker's system, including client-based access control that utilizes the graphical user 
interface taught in Barry. Such a combination does not teach or suggest anything about 
object-level access control for delivering events to or receiving requests from managed 
objects as recited in claim 1. 

The Examiner relies on Buckle to teach "access control so that one of the 
managers is granted access to one of the managed objects while being prevented from 
interfacing with a different one of the managed objects", citing FIGs 2-10, 12- 15 and 
column 3, line 46 - column 4, line 41. Buckle teaches an agent oriented computing 
environment including an agent shell that can be sued by developers for constructing 
agent computing entities according to their own functionality requirements. Buckle's 
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system also includes an agent enabling layer providing basic communication, brokering 
and negotiation between agent computing entities. However, Buckle fails to teach any 
sort of access control whatsoever and clearly fails to teach "access control so that one of 
the managers is granted access to one of the managed objects while being prevented from 
interfacing with a different one of the managed objects" as asserted by the Examiner. 
Buckle teaches an environment in which agent computing entities can efficiently identify 
each other and quickly asses the functionality of peer agents (column 3, lines 19-30). 
None of the Examiner's cited figures illustrates any sort of access control. Instead, 
Buckle illustrates various features of his system enabling access and communication 
between agents. 

Similarly, the Examiner's cited passage from Buckle (column 3, line 46 - column 
4, line 41) describes an agent communication interface including an agent communication 
language. Buckle teaches that at agent may include an object oriented representation of a 
system and may actively seek, and cooperate with, other agents by reference to a broker 
service. Specifically, Buckle teaches that by transmitting "an ontology" between agents, 
task functionality available at a first agent may be made available to other agents "in a 
defined and unambiguous form." Nowhere does Buckle describe or even mention any 
sort of access control. Buckle clearly fails to teach "access control so that one of the 
managers is granted access to one of the managed objects while being prevented from 
interfacing with a different one of the managed objects" as asserted by the Examiner. 
Apparently, the Examiner is confusing providing "access" with providing "access control 
so that one of the managers is granted access to one of the managed objects while being 
prevented from interfacing with a different one of the managed objects". 

The Examiner argues that the "object-level control" of Barker combined with the 
"concept of usage at individual object level" of Barry and further combined with the 
domain-based "access control" of Buckle somehow teaches or suggest the specific 
limitation of providing object-level access control between managers and managed 
objects to receive the one or more events from or to send the one or more requests to the 
managed objects, where the object-level access control is provided at an individual object 
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level, as recited in Applicants' claim 1. The Examiner's position is completely 
unsupported by the teachings of the cited art. None of the references, either alone or 
in combination teach or suggest object-level access control between managers and 
managed objects to receive the one or more events from or to send the one or more 
requests to the managed objects, where the object-level access control is provided at an 
individual object level, as recited in Applicants' claim 1. Instead, as shown above, 
Barker, Barry and Buckle all teach access control that is specifically not provided at an 
individual object level. The access control of Barker is at the client level and Barry's is 
at the user level. As noted above, Buckle fails to teach any sort of access control 
whatsoever. Furthermore, Barry is completely silent in regard to any type of access 
control for receiving events from or sending requests to managed objects, as managed 
objects are understood in the art. 

The Examiner's combination of Barker, Barry and Buckle does not in any way 
teach or suggest a gateway that is configured to provide object-level access control 
between the one or more managers and the managed objects to receive the one or more 
events from or to send the one or more requests to the managed objects, where the object- 
level access control is provided at an individual object level so that one or of the one or 
more managers is granted access to one of the managed objects while being prevented 
from interfacing with a different one of the managed objects, as recited in claim 1. 
Instead, even if the combination of references was proper, the Examiner's proposed 
combination of Barker, Barry and Buckle would at most result only in the CORBA-based 
remote management system of Barker, that utilized the graphical user interface as taught 
by Barry and that also includes agent discovery and communication as taught by Buckle. 
Thus, the Examiner's proposed combination of Barker, Barry and Buckle clearly does not 
teach all the limitations of Applicants' claim 1. As the Examiner is surely away, to 
establish a prima facie obviousness of a claimed invention, all claim limitations must be 
taught or suggested by the prior art. In re Royka, 490 F.2d 981, 180 U.S.P.Q. 580 
(C.C.P.A. 1974), MPEP 2143.03. Obviousness cannot be established by combining or 
modifying the teachings of the prior art to produce the claimed invention, absent some 
teaching or suggestion or incentive to do so. In re Bond, 910 F. 2d 81, 834, 15 USPQ2d 
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1566, 1568 (Fed. Cir. 1990). Since, as shown above, the Examiner's combination of 
Barker, Barry and Buckle fails to teach all the limitations of Applicants' claim 1, the 
Examiner has failed to provide a prima facie rejection. 

Moreover, there is no reason found in the evidence of record to combine the 
teachings of the cited art in a way that would result in Applicants' claimed invention. 
The rejection of claim 1 is clearly a case of the Examiner simply attempting to identify 
features of Applicants' claimed invention in disparate references. The Examiner is 
clearly attempting a piecemeal reconstruction of Applicants' invention in hindsight 
without considering the claimed invention as a whole. Such reconstruction is improper. 
See, e.g., Interconnect Planning Corp. v. Feil, 11 A F.2d 1132, 1143, 227 USPQ 543, 551 
(Fed. Cir. 1985) (it is insufficient to select from the prior art the separate components of 
the inventor's combination, using the blueprint supplied by the inventor); Uniroyal, Inc. 
v. Rudkin-Wiley Corp., 837 F.2d 1044, 1051-52, 5 USPQ 2d 1434, 1438 (Fed. Cir. 1988). 
The Examiner cannot use the claimed invention as an instruction manual or "template" to 
piece together the teachings of the prior art so that the claimed invention is rendered 
obvious. In re Fritch, 23 USPQ 2d 1780, 1784 (Fed. Cir. 1992). "One cannot use 
hindsight reconstruction to pick and choose among isolated disclosures in the prior art to 
deprecate the claimed invention." In re Fine, 837 F.2d 1071, 1075, 5 USPQ 2d 1596, 
1600 (Fed. Cir. 1988). 

The Examiner merely states that it would have been obvious to combine the 
teachings of Barker and Barry "because the concept of accessing individual object level 
would enhance supporting event / request by the object." This statement by the Examiner 
is found nowhere in any evidence of record and thus can only have come in hindsight 
from Applicants' own teachings. The Examiner's stated reason is merely a desired result 
from the combination in an attempt to reconstruct Applicants' claimed invention, not a 
suggestion or motivation to combine Barker and Barry. 

An obviousness claim that lacks factual evidence of a reason for one of skill in the 
art to combine prior art references to produce the claimed invention is defective as 
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hindsight analysis. In addition, the showing of a reason to combine prior teachings "must 
be clear and particular. Broad conclusory statements regarding the teaching of multiple 
references, standing alone, are not 'evidence'." In re Dembiczak, 175 F.3d 994, 50 
USPQ2d 1614 (Fed. Cir. 1999). The art must fairly teach or suggest to one to make the 
specific combination as claimed . That one achieves an improved result by making such a 
combination is no more than hindsight without an initial suggestion to make the 
combination . Such an initial suggestion must be supported by evidence of record. 

The Examiner has also failed to state a proper reason to combine the teachings of 
Buckle with those of Barker and Barry. The Examiner states that it would have been 
obvious to combine the teachings of Barker and Barry with those of Buckle because "the 
concept of accessing a single object would enhance supporting event/request for the 
particular object" (Office Action, June 18, 2007, pp. 13-14). The Examiner also states 
that "prevention of not accessing the other object when accessing the object would 
enhance supporting event/request specific to the object and not in common with the other 
object" (Office Action, June 18, 2007, p. 14). These statements by the Examiner are 
found nowhere in any evidence of record and thus can only have come in hindsight from 
Applicants' own teachings. None of the cited art suggests "prevention of accessing the 
other object when accessing the object would enhance supporting event/request specific 
to the object and not in common with the other object". The Examiner has again merely 
stated a desired result from the combination in an attempt to reconstruct Applicants' 
claimed invention, not a reason to combine the teachings of Buckle with those of Barker 
and Barry. 

Whether a reason to combine prior art references has been demonstrated is a 
question of fact. Winner Int'l Royalty Corp. v. Wang, 202 F.3d 1340, 1348, 53 USPQ2d 
1580, 1586 (Fed. Cir. 2000). The statute clearly places the burden of proof to satisfy the 
question of fact on the Examiner which requires him to produce the factual basis for his 
rejection. In re Warner, 154 USPQ 173, 177 (C.C.P.A. 1967), cert, denied, 389 U.S. 
1057 (1968). The Examiner has completely failed to meet his burden of proof since 
the Examiner has not provided any factual evidence showing a proper reason or 
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suggestion of desirability to combine Barker, Barry and Buckle. "The factual inquiry 
whether to combine references must be thorough and searching." McGinley v. Franklin 
Sports, Inc., 60 USPQ2d 1001, 1008 (Fed. Cir. 2001). It must be based on objective 
evidence of record. "This precedent has been reinforced in myriad decisions, and cannot 
be dispensed with." In re Lee, 61 USPQ2d 1430, 1433 (Fed. Cir. 2002). See, e.g., In re 
Kotzab, 111 F.3d 1365, 1371, 55 USPQ2d 1313, 1317 (Fed. Cir. 2000) ("particular 
findings must be made as to the reason the skilled artisan, with no knowledge of the 
claimed invention, would have selected these components for combination in the manner 
claimed"); In re Rouffet, 149 F.3d 1350, 1359, 47 USPQ2d 1453, 1459 (Fed. Cir. 1998) 
("the [Examiner] must identify specifically the principle, known to one of ordinary skill, 
that suggests the claimed combination. In other words, the [Examiner] must explain the 
reasons one of ordinary skill in the art would have been motivated to select the references 
and to combine them to render the claimed invention obvious."); In re Fritch, 972 F.2d 
1260, 1265, 23 USPQ2d 1780, 1783 (Fed. Cir. 1992) (the examiner can satisfy the 
burden of showing obviousness of the combination "only by showing some objective 
teaching in the prior art or that knowledge generally available to one of ordinary skill in 
the art would lead that individual to combine the relevant teachings of the references"). 

Furthermore, Barker teaches away from object-level access control. Barker 
teaches that a client can specify a range of managed object instance identifiers, or even 
request all instances in a managed object call through the managed object instance 
identifier parameter (Barker, column 25, lines 27-28). Hence, Barker teaches that once a 
client has been properly authenticated at the start of a session, that client may then 
register for attribute update notification for a number of managed objects through a single 
call. Such functionality is clearly not compatible with object-level access control, and 
thus Barker clearly teaches away from object-level access control, wherein the object- 
level access control is provided at the individual object level so that one of the managers 
is granted access to one of the managed objects while being prevented from interfacing 
with a different one of the managed objects. Thus, Barker actually teaches away from the 
Examiner's proposed combination of Barker, Barry and Buckle. References that teach 
away cannot serve to create a prima facie case of obviousness. In re Gurley, 27 F.3d 551, 
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553, 31 USPQ2d 1131, 1132 (Fed. Cir. 1994). Moreover, since Barker teaches away 
from object-level access control, modifying Barker to use object-level access control 
would necessarily change the principle of operation of Barker's system. As the Examiner 
is surely away, if the proposed modification or combination of the prior art would change 
the principle of operation of the prior art invention being modified, then the teachings of 
the references are not sufficient to render the claims prima facie obvious; M.P.E.P. § 
2143.01; and In re Ratti, 270 F.2d 810, 123 USPQ 349 (CCPA 1959). 

Thus, for at least the reasons above, the rejection of claim 1 is not supported by 
the prior art and removal thereof is respectfully requested. Similar remarks as those 
above regarding claim 1 also apply to claims 58. 

Regarding claim 20, the combination of Barker, Barry and Buckle does not teach 
or suggest determining on a managed object level whether or not the manager application 
is allowed to receive an event generated by one of a plurality of managed objects or to 
send a request to the one of the plurality of managed objects as a function of the identity 
of the user of the manager application. The Examiner cites column 7, lines 47-63 and 
column 8, line 53 - column 9, line 19 of Barker. However, the cited passages do not 
mention anything about determining on a managed object level whether or not a manager 
application is allowed to receive an event generated by a managed object or send a 
request to a managed object as a function of the identity of the user of the manager 
application. Instead, these passages of Barker only refer to his use of EMAPI, CORBA, 
Java, C++, and SNMP, but fail to mention anything regarding any sort of access control 
for any portion of Barker's system. The Examiner has not cited any particular portion in 
Barker that describes the features the Examiner is attributing to Barker's system. In fact, 
the Examiner is incorrectly assuming that Barker's use of CORBA and the HOP protocol 
includes object level access control such that one of the managers is granted access to one 
of the managed objects while being prevented from interfacing with a different one of the 
managed objects. 
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Barker further teaches the use of a single service object "to provide services for a 
class of managed objects" (underlining added) (Barker, column 14, lines 42-43) and that 
the EM server "will implement one application-specific service object for each type of 
physical or logical resource to be managed" (underlining added) (Barker, column 39, 
lines 60-62). Applicants assert that access control on a command/client basis while using 
a single service object for each class of managed object actually teaches away from 
determining on a managed object level whether or not the manager application is allowed 
to send a request to the managed object. As note above 

Furthermore, Barker fails to disclose that access for the manager application to 
receive the event or send the request is approved or denied for said one of the plurality of 
managed objects at the individual object level so that the manager application is granted 
access to one of the plurality of managed objects while being prevented from interfacing 
with a different one of the plurality of managed objects. Instead, Barker discloses a 
method "of client based access control of network elements" (emphasis added, Barker, 
column 30, lines 45-46) that "provides a means to restrict access on a command/client 
basis'" (emphasis added, Barker, column 31, lines 10-12). Barker does not describe his 
access control features as restricting access at the object level. Please refer to Applicants 
arguments above regarding claim 1 for a more detailed discussion regarding Barker's 
failure to teach object level access control. 

Barry and Buckle are not relied upon by the Examiner to teach this limitation, nor 
do they overcome the above -noted deficiencies of Barker regarding determining on a 
managed object level whether or not the manager application is allowed to receive an 
event generated by one of a plurality of managed objects or to send a request to the one of 
the plurality of managed objects as a function of the identity of the user of the manager 
application. Or about where access for the manager application to receive the event or 
send the request is approved or denied for said one of the plurality of managed objects at 
the individual object level so that the manager application is granted access to one of the 
plurality of managed objects while being prevented from interfacing with a different one 
of the plurality of managed objects. Thus, the Examiner's combination of Barker, Barry 
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and Buckle does not teach or suggest the limitations of Applicants' claim 20. 

For at least the reasons given above, the rejection of claim 20 is not supported by 
the prior art and its removal is respectfully requested. Similar remarks as discussed 
above in regard to claim 20 apply to claims 39, 59, and 60. 

The also Examiner rejected claims 8, 27 and 46 under 35 U.S.C. § 103(a) as being 
unpatentable over Barker, Barry and Buckle in view of Official Notice, claims 11-15, 30- 
34 and 49-53 as being unpatentable over Barker, Barry, Buckle, Olden-RSA-Security in 
view of Official Notice. Applicants respectfully traverse the rejection of these claims for 
at least the reasons presented above, regarding their respective, independent claims. 

In regard to claims 8, 27 and 46, the Examiner takes official notice that "both the 
concept and advantages of providing [an] object corresponding to a telephone network is 
well known and expected in the art." Pursuant to M.P.E.P. § 2144.03, Applicant 
traverses the Examiner's taking of Official Notice in regard to the specific combination 
of features recited in claims 8, 27 and 46. Applicant asserts that it was not well known in 
the prior art for a gateway coupled to a plurality of managed objects and which is 
configured to deliver events generated by the managed objects to one or more managers 
or to deliver one or more requests generated by the one or more managers to one or more 
of the managed objects and wherein the gateway is configured to provide object-level 
access control between the one or more managers and the managed objects, wherein the 
managed objects comprise one or more objects corresponding to a telephone network. 
Pursuant to M.P.E.P. § 2144.03 Applicants repeat the assertion that "the examiner must 
provide documentary evidence in the next Office action if the rejection is to be 
maintained. See also 37 CFR 1.104(c)(2), (d)(2) and In re Zurko, 258 F.3d 1379, 1386 
(Fed. Cir. 2001). As discussed above, the additional references cited by the 
Examiner do not support the Official Notice. 

Moreover, the Examiner's stated reason to combine the teachings of his Official 

09/556,068 (5181-48400/P4500) 33 Meyertons, Hood, Kivlin, Kowert & Goetzel, P.C. 



Notice with the other cited references is completely conclusory and not supported by any 
evidence of record. Thus, the rejection of claims 8, 27 and 46 is improper and removal 
thereof is respectfully requested. 

In further regard to claims 11-15, 30-34 and 49-53, the Examiner takes official 
notice that "both the concept and advantages of providing access to a logging service, to 
log an ID of a user, to log an ID of the object is well known and expected in the art." 
Pursuant to M.P.E.P. § 2144.03, Applicant traverses the Examiner's taking of official 
notice in regard to the specific combination of features recited in these claims. 
Applicants assert that it was not well known in the prior art for a gateway that provides 
object-level access control to provide access to a logging service, to log an ID of user or 
to log an ID of a managed object. In fact, as admitted by the Examiner, Barker, Barry 
and CORBA/TMN all fail to teach providing access to a logging service, to log an ID of 
user or to log an ID of a managed object. Pursuant to M.P.E.P. § 2144.03 Applicants 
repeat the previous assertion that "the examiner must provide documentary evidence in 
the next Office action if the rejection is to be maintained. See also 37 CFR 1.104(c)(2), 
(d)(2) and In re Zurko, 258 F.3d 1379, 1386 (Fed. Cir. 2001). Furthermore, the 
Examiner's stated reason to combine the teachings of his Official Notice with the other 
cited references is completely conclusory and not supported by any evidence of record. 
As discussed above, the additional references cited by the Examiner do not support 
the Official Notice. 

The Examiner rejected claims 2-4, 10, 21-23, 29, 40-42 and 48 under 35 U.S.C. § 
103(a) as being unpatentable over Barker, Barry and CORBA/TMN in view of Olden 
(U.S. Patent 6,460, 14 1)/RSA Security, Inc. (hereinafter "Olden-RSA-Security"), claims 
18, 37 and 56 as being unpatentable over Barker, Barry, CORBA/TMA in view of 
Hearne, et al. (U.S. Publication 2001/00521 13) (hereinafter "Hearne") in view of Solstice 
Enterprise Manager 4.1 Managing your Network (hereinafter "Solstice"), claims 19, 38 
and 57 as being unpatentable over Barker, Barry, CORBA/TMN in view of Hearne, 
claims 2-4, 10, 21-23, 29, 40-42 and 48 as being unpatentable over Barker, Barry and 
Buckle in view of Olden-RSA-Security, claims 18, 37 and 56 as being unpatentable over 
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Barker, Barry and Buckle in view of Hearne and Solstice, claims 9, 38 and 57 as being 
unpatentable over Barker, Barry, Buckle in view of Hearne. Applicants respectfully 
traverse the rejection of these claims for at least the reasons presented above regarding 
their respective, independent claims. 

Section 102(e) Rejections : 

The Office Action rejected claims 1-6, 8-11, 16, 17, 20-25, 27-30, 35, 36, 38-44, 
46-49, 54, 55 and 58-60 under 35 U.S.C. § 102(e) as being anticipated by Vuong et al. 
(U.S. Patent 6,430,578) (hereinafter "Vuong") and also as anticipated by Spencer (U.S. 
Patent 6,253,243). Applicants respectfully traverse these rejections for at least the 
reasons presented below. 

Regarding claim 1, contrary to the Examiner's assertion, Vuong fails to disclose a 
gateway which is coupled to a plurality of managed objects and which is configured to 
deliver one or more events generated by the managed objects to one or more managers or 
to deliver requests generated by the managers to one or more of the managed objects. 
Vuong teaches a naming service that provides unique identifiers and addresses for 
processes on a computer network. Vuong 's name service includes a database of the 
identifiers and addresses and the name service responds to queries by searching the 
database and returning any results. (Vuong, Abstract; column 2, lines 7-15). 

The Examiner cites column 5, line 57 - column 6, line 23. However, the cited 
passage describes how Vuong 's name service accepts names from agents on the computer 
network and, after determining whether or not the name is unique, either adds the agent's 
name to the name service's database or sends a "refuse request" message to the agent. 
The cited passage does not mention any gateway coupled to a plurality of managed 
objects. Database entries are not managed objects, as managed objects are understood in 
the art. Presumably the Examiner interprets Vuong 's name service as a gateway. 
However, Vuong 's name service is not coupled to a plurality of managed objects. 
Instead, Vuong 's name service merely handles requests to add names to as well as 
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queries to retrieve information from the name service's database. Even if one could 
interpret Vuong's name service database as a managed object, which Applicants maintain 
one cannot, the database is clearly not managed by the requesting agents. Merely 
requesting that a name and/or address be inserted as an entry into the database does not 
constitute managing the database. Clearly Vuong's name service manages the database. 
In fact, Vuong very clearly states, "Name Service 112 maintains a database holding 
identification and addressing information" and "the database controlled by the Name 
service is an object-oriented database" (emphasis added, Vuong, column 3, lines 57-63). 
Thus, Vuong teaches that his name service controls and maintains the database. 

Additionally, agents registering their names with Vuong's name service are not 
managers and do not generate requests to managed objects. Instead, Vuong's agents 
merely request that their name (and address) be included in the name service's database. 
Vuong does not teach that an agent registering its name with the name service is a 
manager generating requests to a managed object. Instead, as noted above, Vuong's 
name service maintains and controls the database. 

Vuong also fails to disclose a gateway configured to provide object-level access 
control between the managers and the managed objects. The Examiner cites column 2, 
lines 26-52 and column 6, lines 42-59 of Vuong. The first cited passage provides an 
introduction to Vuong's name service for "managing names and identities of processes 
running on a computer network" (Vuong, column 2, lines 26-28). This passage further 
describes how Vuong's name service includes a receiver that accepts a name from a 
process on the computer network and a comparator configured to determine whether the 
process is a component of the computer management infrastructure for the computer 
network. The second cited passage (Vuong, column 6, lines 42-59) describes the ability 
of Vuong's name service to respond to "relatively sophisticated queries." For example, 
Vuong's query syntax supports prefixes, suffixes, infixes, and full or partial names using 
wildcards. This passage further describes how registered entities may receive updates or 
changes made to the name service's database. However, nowhere in either cited passage, 
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nor in fact in the entire Vuong reference, is there any mention of a gateway configured to 
provide object-level access control between managers and managed objects. 

Instead, Vuong provides a name service that collects, maintains, and disseminates 
unique identifiers and addresses for processes on a computer network. Providing 
identifiers and addresses for processes on a computer network is clearly not the same as 
providing object-level access control between managers and managed objects. Vuong 
does not mention any sort of access control in his name service. The Examiner seems to 
be implying that any form of object-level access necessarily includes object- level access 
control at the individual object level. However, object-level access can be provided with 
or without imposing object-level access control. Vuong does not disclose or complete 
any form of access control. 

Furthermore, Vuong fails to disclose wherein the object-level access control is 
provided at the individual object level so that one of the managers is granted access to 
one of the managed objects while being prevented from interfacing with a different one 
of the managed objects. The Examiner again cites column 2, lines 26-52 and column 6, 
lines 42-59 of Vuong. However, neither of these passages mentions anything regarding 
an agent, which the Examiner is presumably interpreting as a manager, being granted 
access to one database entry, which the Examiner is presumably interpreting as a 
managed object, while being prevented from interfacing with a different one of the 
database entries. Instead, the cited passages describe how Vuong's name service 
responds to queries. Vuong doesn't mention anything regarding preventing access to his 
database on an entry-level basis. The Examiner has failed to ever respond to this 
argument. 

Thus, for at least the reasons above, the rejection of claim 1 is not supported by 
the prior art and removal thereof is respectfully requested. Similar remarks as those 
above regarding claim 1 also apply to claims 58. 
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Regarding claim 20, Vuong fails to disclose determining on a managed object 
level whether or not the manager application is allowed to receive an event generated by 
one of a plurality of managed objects or to send a request to the one of the plurality of 
managed objects as a function of the identity of the user of the manager application . The 
Examiner cites column 7, lines 9-32. However, the cited reference has absolutely no 
relevance to determining, as a function of the identity of a user of the manager 
application whether or not the manager application is allowed to receive an event 
generated by or to send a request to one of a plurality of managed object. Instead, the 
cited reference merely describes how an agent, or other entity on the computer network, 
can de-register with Vuong 's name service and thereby remove its name from the name 
service's database. The cited reference makes not mention to determining whether or the 
requesting agent can access a managed object. Even if one interprets the entries of 
Vuong 's database as managed object, which Applicants maintain one cannot, the cited 
passage still does not disclose anything regarding determining whether or not the de- 
registering agent can access the database entry. Instead, Vuong teaches only that the 
name service checks the agent's name against the database and if it is found, the entry is 
removed. 

Vuong also fails to disclose whereby access for the manager application to receive 
the event or send the request is approved or denied for said one of the plurality of 
managed objects at the individual object level so that the manager application is granted 
access to one of the plurality of managed objects while being prevented from interfacing 
with a different one of the plurality of managed objects, contrary to the Examiner 
contention. The Examiner cites column 8, lines 21-42 of Vuong. Applicants can see no 
relevance of the cited passage. The cited passage discusses the "various devices and 
entities" that reside on and communicate over a computer network. Vuong mentions 
devices and entities such as client computers, data storage devices, modems, printers, 
hubs, routers, packet switches, hosts, and bridges. The cited passage is, however, 
completely silent regarding approving or denying access for a manager application at an 
individual object level so that the manager application is granted access to one while 
being prevented from interfacing with a different one of a plurality of managed objects. 
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The Examiner seems to be arguing that merely listing various devices that may reside and 
communicate on a computer network implies providing such access control at an 
individual object level. The Examiner is clearly inserting his own assumptions into 
Vuong's system through hindsight speculation. 

For at least the reasons given above, the rejection of claim 20 is not supported by 
the prior art and its removal is respectfully requested. Similar remarks as discussed 
above in regard to claim 20 apply to claims 39, 59, and 60. 

The Examiner also rejected claims 1-6, 8-11, 16, 17, 20-25, 27-30, 35, 36, 39-44, 
46-49, 54, 55 and 58-60 as being anticipated Spencer (U.S. Patent 6,253,243). Applicants 
respectfully traverse this rejection for at least the reasons presented below. 

Regarding claim 1, Spencer fails to disclose a gateway configured to provide 
object-level access control between the managers and the managed objects to receive the 
events from or to send the requests to the managed objects, contrary to the Examiner's 
assertion. The Examiner cites a passage (column 5, lines 46-65) where Spencer describes 
how a user-developed management application 300 communicates with MIS server 306 
via a portable management interface (PMI) 302. Spencer describes how PMI 302 is an 
object-oriented interface that provides access to management information. The cited 
passage does not teach anything about a gateway providing object-level access control 
between managers and managed objects. The Examiner has not provided any argument 
or explanation regarding his interpretation of the cited passage. 

Spencer further fails to disclose wherein the object-level access control is 
provided at the individual object level so that one of the managers is granted access to 
one of the managed objects while being prevented from interfacing with a different one 
of the managed objects, contrary to the Examiner's contention. The Examiner cites 
column 7, lines 35-57 of Spencer. However, the cited passage teaches how Spencer's 
SNMP trap system extracts the IP address from an <agent_addr> field of the SNMP trap 
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Protocol Data Unit (PDU). The PDU is the format for SNMP trap data in Spencer's 
system. After extracting the IP address, Spencer's system determines if there is an object 
configured to represent that agent system. If such an object is found, the trap's 
originating system's cmipsnmpProxyAgent instance is set as the source object instance 
for the trap alarm. Thus, the Examiner's cited passages not only fail to mention anything 
about object-level access control, it has no relevance to access control. Spencer does not 
teach anything about providing object-level access control at the individual object level 
so that a manager is granted access to one managed object while being prevented from 
interfacing with a different one of the managed objects. 

Thus, for at least the reasons above, the rejection of claim 1 is not supported by 
the prior art and removal thereof is respectfully requested. Similar remarks as those 
above regarding claim 1 also apply to claims 58. 

Regarding claim 20, contrary to the Examiner's assertion, Spencer fails to 
disclose sending an identity of a user of a manager application to a gateway. The 
Examiner cites column 7, lines 35-67 of Spencer. However the cited passage makes no 
mention of sending an identity of a user of a manager application to a gateway. Instead, 
the cited passage describes how Spencer's system uses an IP address to locate a proxy 
agent object to represent a SNMP trap's agent system. Nowhere does Spencer mention 
sending an identity of a user of a manager application to a gateway. 

Additionally, Spencer fails to disclose determining on a managed object level 
whether or not the manager application is allowed to receive an event generated by one of 
a plurality of managed objects or to send a request to the one of the plurality of managed 
objects as a function of the identity of the user of the manager application, contrary to the 
Examiner's contention. The Examiner cites column 5, line 53 to column 6, line 13. 
However, the cited passage does not teach or even mention determining on a managed 
object level whether or note the manager application is allowed to receive an event 
generated by or to send a request to one of the plurality of managed objects as a function 
of the identity of the user of the manager application. Instead, the cited passage describes 
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how a managed application 300 communicates with an MIS server according to the 
portable management interface and how the portable management interface is able to 
access managed object instance state information, class schema, and event services. 
Spencer does not discuss or mention anything about an identity for a user of a manager 
application. Nor does Spencer mention determining whether or not the manager 
application can send requests or send events to managed objects as a function of the 
identity of the user of the manager application. 

Spencer also fails to disclose whereby access for the manager application to 
receive the event or send the request is approved or denied for said one of the plurality of 
managed objects at the individual object level so that the manager application is granted 
access to one of the plurality of managed objects while being prevented from interfacing 
with a different one of the plurality of managed objects, contrary to the Examiner 
assertion. The Examiner again cites column 7, lines 35-67 of Spencer. However, as 
noted above, this passage does not mention any sort of object-level access control. 
Nowhere does Spencer mention anything regarding approving or denying the manager 
application access to receive an event or send a request at the individual object level. The 
cited passage fails to mention any sort of access control whatsoever. The Examiner has 
clearly misunderstood or misinterpreted the teachings of Spencer. 

For at least the reasons given above, the rejection of claim 20 is not supported by 
the prior art and its removal is respectfully requested. Similar remarks as discussed 
above in regard to claim 20 apply to claims 39, 59, and 60. 

Regarding all the §102 and §103 rejections discussed above, Applicants also 
assert that numerous ones of the dependent claims recite further distinctions over the 
cited art. However, since the rejections have been shown to be unsupported for the 
independent claims, a further discussion of the dependent claims is not necessary at this 
time. 
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CONCLUSION 



Applicants submit the application is in condition for allowance, and notice to that 
effect is respectfully requested. 



If any fees are due, the Commissioner is authorized to charge said fees to 
Meyertons, Hood, Kivlin, Kowert, & Goetzel, P.C. Deposit Account No. 501505/5181- 
48400/RCK. 



Respectfully submitted, 

/Robert C. Kowert/ 

Robert C. Kowert, Reg. #39,255 
Attorney for Applicants 
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